News
Lite LLM MCP Endpoint Authentication Bypass Fixed in v1. 84. 0
4+ hour, 4+ min ago (214+ words) Outcomes by security role Intelligence your team can act on. Mallory reasons across your attack surface and the global threat landscape. Before adversaries strike. Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike....
Polin Rider Supply Chain Campaign Hijacks Developer Packages and Uses Blockchain Dead Drops
3+ day, 12+ hour ago (264+ words) See the platform in action Intelligence your team can act on. Mallory reasons across your attack surface and the global threat landscape. Before adversaries strike. Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries…...
Unit 42 Warns AI-Hallucinated Domains Are Becoming a Supply-Chain Attack Vector
1+ week, 1+ day ago (220+ words) See the platform in action Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike. 1 event from the most recent confirmed update back to the earliest known activity. Unit 42 published research describing "phantom squatting,…...
Unauthenticated Jimu Report Export Flaw Exposes Arbitrary Report Data
1+ week, 1+ day ago (171+ words) See the platform in action Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike. 1 event from the most recent confirmed update back to the earliest known activity. Vulnerabilities, threat actors, malware, products, organizations,…...
LDAP Ping Username Enumeration Evades Event 1644 but Exposes Gaps in AD Logging
1+ week, 6+ day ago (171+ words) See the platform in action Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike. 1 event from the most recent confirmed update back to the earliest known activity. Vulnerabilities, threat actors, malware, products, organizations,…...
Board Directors Adopt Shadow AI Without Governance Controls
2+ week, 4+ hour ago (171+ words) See the platform in action Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike. 1 event from the most recent confirmed update back to the earliest known activity. Vulnerabilities, threat actors, malware, products, organizations,…...
Langflow fixes IDOR letting authenticated users execute other users" flows
2+ week, 5+ day ago (171+ words) See the platform in action Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike. 2 events from the most recent confirmed update back to the earliest known activity. Vulnerabilities, threat actors, malware, products, organizations,…...
Jupyter Server fixes stored XSS in nbconvert HTML rendering
2+ week, 6+ day ago (209+ words) See the platform in action Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike. 1 event from the most recent confirmed update back to the earliest known activity. A security advisory disclosed a stored…...
Critical Crawl4 AI Docker API flaws enabled unauthenticated RCE and file abuse
3+ week, 1+ day ago (157+ words) See the platform in action Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike. 3 events from the most recent confirmed update back to the earliest known activity. 3 references tracked. Mallory keeps watching after…...
VHDX-Based ZIP Campaign Delivers Remcos RAT via Java Script, Power Shell, and. NET Loader
3+ week, 1+ day ago (227+ words) See the platform in action Mallory correlates global threat intelligence with your attack surface " know if you're exposed before adversaries strike. 1 event from the most recent confirmed update back to the earliest known activity. A SANS Internet Storm Center diary…...